Solved

Firewalling through Linuxconf

Posted on 2000-02-15
5
258 Views
Last Modified: 2010-04-20
I was just playing with Linuxconf, and I noticed that it is possible to set up IP routing rules through it, instead of manually putting "ipchains" statements in rc.local. Now I just need to find out where does Linuxconf put this information?
0
Comment
Question by:tibori
  • 2
  • 2
5 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2525000
IP routing rules just specify how to get someplace. They don't provide any actual network security, for that you need ipchains and all that goes with it.
0
 
LVL 3

Author Comment

by:tibori
ID: 2525046
jlevie: It is called "firewalling" and there are some of the same options as with ipchains such as masquerading, blocking packets, forwarding packets etc. Have you tried doing this before? The reason I ask is to me it seems that its just a GUI for the ipchains commands. Even if I'm wrong, all I wanted to know is which files does the "firewalling" setup under Linuxconf modify?
Thanks
0
 
LVL 40

Accepted Solution

by:
jlevie earned 0 total points
ID: 2525460
My mistake, your question asked about the about the IP routing rules, which is completely different beast from Firewalling. I've run into more than one mis-guided person who thought that playing with routing was a substitue for a firewall.

Yes it's just a GUI interface that does the same thing that that ipchains does. It modifies the contents of /proc/net/ip_fwchains and /proc/net/ip_masquerade. I'ts not clear to me how much of an advantage it is over a config file. You still have to come up with the rules and you can't see all of the rules at once the way you can if they are in a file.
0
 

Expert Comment

by:castleinfo
ID: 2526027
You probably know this already but :
Most people create an rc.firewall file with all of the routing and IPCHAINS cmnds then change rc.local so that it runs the rc.firewall script.

Don't know anything about linuxconf though...
0
 
LVL 3

Author Comment

by:tibori
ID: 2528101
jlevie: Thanks, but I think you're right. It just makes things more confusing. I think I will go back to the ipchains commands.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Daily system administration tasks often require administrators to connect remote systems. But allowing these remote systems to accept passwords makes these systems vulnerable to the risk of brute-force password guessing attacks. Furthermore there ar…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

837 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question